Authentication and Authorization Paper

XYZ Company has contracted you to secure an Apache server or MicrosoftInternetInformation Server (IIS). Explain how you would secure the server and describe the system settings that you would employ for the server. Be sure to include methods for authentication and methods for authorization.

Solution Preview

Running Head: COMPUTER SCIENCE

Authentication and Authorization of Web Servers

Introduction
Presently, with the increasing speed of internet, the traffic over the internet is increasing and that is causing an increase in the security threats for information stored over a server. A web server should be ensured before transferring the information to the client that the client is authorized as well as authenticated. Over the years, there has been advancement in the methods of security for servers but at the same time, the methods of intrusions have also changed (Ciampa, 2008). This document discusses the need for authorization and authentication and also describes the various methods of authentication and authorization of clients over the network.
Authentication & Authorization
When a web server receives a request for information; it must know the source of the request so that the information can be sent back. It is because; sometimes source doesn't provide actual identity. In this case the server will be able to determine actual identity and to facilitate information security. This process is called authentication. On the other hand, restricting the actions and information access to a set of users and deciding whether the current user is allowed to perform a certain action or not is referred to as Authorization (Knox et al., 2009).
Need for Authorization and Authentication
Most of the organizations use their first web application to offer generally available information over the public Internet, intranets, and extranets. The supporting key business functions through the web have become the norm for many competitive businesses today. Following are the main reasons that describe the needs for information security:-
• With the emergence of e-commerce, transactions worth billions of dollars take place over the internet every day. The lack of security over the transaction on web may affect the users badly.
• Many companies want their employees to work from homes; hence ...